<?php

class ManageLoginAction extends LtAction
{
	public function __construct()
	{
		parent::__construct();
		$this->responseType = 'tpl';
		$this->layout = 'bylayout';

		$this->data['headnavbar']['visitlog'] = '';
		$this->data['headnavbar']['hyperlink'] = '';
		$this->data['headnavbar']['customer'] = '';
		$this->data['headnavbar']['index'] = '';
	}

	public function execute()
	{
		$this->template = "Manage-Login";
		$this->data['title'] = 'manage login';
		$this->data['roleinfo']['username'] = '';	
		
		// 如果是登出，删除cookie
		//$dologout = $this->context->request('dologout');
		$dologout = $this->context->get('dologout');
		if(!empty($dologout))
		{
			$tmpcookie = new LtCookie;
			$delre = $tmpcookie->delCookie('spread_manager');
		}
		else
		{
			// 读取登录后要跳转到的页面地址
			$gourl = $this->context->get('gourl');
			if(empty($gourl))
			{
				$gourl = $this->context->post('gourl');
			}
			if(empty($gourl))
			{
				$gourl = base64_encode(C('LtUrl')->generate('manage','index'));
			}

			$this->data['gourl'] = $gourl;
			$this->data['noticestr'] = '';
			if($_SERVER['REQUEST_METHOD'] == 'POST')
			{
				// 读取输入的用户名和密码
				$username = $this->context->post('username');
				$userpsw = $this->context->post('userpsw');
				if(empty($username) || empty($userpsw))
				{
					$this->data['noticestr'] = "<div class='warning'>用户名和密码不能为空</div>";
				}
				else
				{
					// 用户密码取md5值后和用户名一起送到数据库取值
					$pswmd5 = md5($userpsw);
					$querycond="username=:username and userpsw=:userpsw";
					$queryArray=array('username'=>$username, 'userpsw'=>$pswmd5);
					$querydao = new ManagerDao();
					$queryre = $querydao->getList($querycond, $queryArray);
					if(empty($queryre))
					{
						$this->data['noticestr'] = "<div class='warning'>用户名和密码不匹配</div>";
					}
					else
					{
						// 校验通过，设置cookie，表示用户已经登录
						$tmpcookie = new LtCookie;
						$nowtime = time();
						$tmpcookie->setCookie('spread_manager', "$username---$nowtime---$pswmd5", $nowtime+600);
						header('Location: '.base64_decode($gourl));
					}
				}
			}// end of if($_SERVER['REQUEST_METHOD'] == 'POST')
		}// end of else of if(!empty($dologout))
	}// end of function excute
}
